Agreed. This sounds like a nice user-friendly feature until you realize what a colossal privacy disaster this would be for any malicious app that the user grants these permissions to.
"DerpCo Derpolizer would like to access your stored cookies. This allows us to automatically log into your DerpCo account!" and then bam, they hoover up your login data in an instant and send it off as part of their telemetry.
Much better to have a system like (for example) sign in with Apple where you can easily click a button to have the system authenticate you, but no one gets access to anything without specifically asking for it.
"DerpCo Derpolizer would like to access your stored cookies. This allows us to automatically log into your DerpCo account!" and then bam, they hoover up your login data in an instant and send it off as part of their telemetry.
Much better to have a system like (for example) sign in with Apple where you can easily click a button to have the system authenticate you, but no one gets access to anything without specifically asking for it.